Many Shortcomings Plague Cybersecurity

Everyone has a stake, and most are at fault, one way or another.

The United States needs to take a multifaceted approach to cybersecurity to ameliorate problems affecting every sector of government and society, said experts in a panel comprising women in the cyber arena. Two officials each from industry and government described the broad scope of the challenges and potential solutions at AFCEA’s TechNet Asia-Pacific 2018, held November 14-16 in Honolulu.

“We have to automate as much as we can in cybersecurity. If we have to rely on our users, we will fail,” said Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters Department of Defense Information Network.

We have to automate as much as we can in cybersecurity. If we have to rely on our users, we will fail.— Vice Adm. Nancy Norton, USN, director, DISA and commander, JFHQ DODIN #AFCEATechNet

Industry will play a big role in helping develop cybersecurity innovations. “Industry definitely helps push us in our innovation. Being able to see what industry is doing is very helpful,” Adm. Norton stated.

Industry definitely helps push us in our innovation. Being able to see what industry is doing is very helpful.—Vice Adm. Nancy Norton, USN, director, DISA and commander, JFHQ DODIN #AFCEATechNet

Ruth Youngs Lew, Enterprise Information Systems, U.S. Navy, echoed the admiral’s calls for inherent cybersecurity. “Building security in from the start is the most important thing we can do,” she declared.

Building security in from the start is the most important thing we can do.—Ruth Youngs Lew, Enterprise Information Systems, U.S. Navy #AFCEATechNet

And then there is the insider threat. “If you’re not looking at cause and effect, then you really might not understand the degree of the insider threat,” said Deborah Golden, Deloitte & Touche. She called for better situational awareness of insider activities, which is something the Defense Department is pursuing.

If you’re not looking at cause and effect, then you really might not understand the degree of the insider threat.—Deborah Golden, Deloitte & Touche #AFCEATechNet

Panelists agreed that everyone needs to share information to a greater degree, starting with government. “Across the government, we—DOD—don’t share enough with the rest of the government, and we have to do better,” the admiral stated.

Across the government, we—DOD—don’t share enough with the rest of the government, and we have to do better.—Vice Adm. Nancy Norton, USN, director, DISA and commander, JFHQ DODIN #AFCEATechNet